[Article] Top 13 Online Vulnerability Scanning Tools


Команда форума
Лучшие ответы
Web apps and vulnerabilities go hand-in-hand. The best thing you can do is to not only patch vulnerabilities when your programmers find one, or when a third party cybersecurity company notifies you, but to also act in a proactive way—by setting up your own scheduled vulnerability scans.
Whenever you share your online apps with the public, you run the risk of getting hacked. That’s why setting up a solid vulnerability scan over your network, servers and online apps is an absolute must.
Fortunately, a number of proven methods allow you to identify, categorize, fix and monitor any possible security holes. And just as we shared with you an overview of the top OSINT Tools available, today we’ll examine the top 13 online vulnerability scanning tools that let you take care of things before the bad guys do.
13 popular online vulnerability scanning tools

1. Mozilla Observatory
Mozilla HTTP Observatory is one of the most effective online vulnerability scanners around. Founded by the Mozilla Foundation, this security scanner will analyze your website using different methods to identify potential bugs and security holes within your web app and servers.
The tests are divided into four different categories: HTTP Observatory, TLS Observatory, SSH Observatory and Third-party Tests.

Finally, there is also an SSH service scanner that needs to be initiated manually. Most of the time it will require you to whitelist the Observatory IP address to generate an accurate scan by avoiding firewall blocks.
Once you’ve identified your SSH weaknesses, you can start hardening your server to mitigate the most common SSH attacks.

2. Detectify
is a well-known online vulnerability scanner that enables business owners, infosec teams, and developers to check for over 1000 known vulnerabilities automatically.
Its built-in subdomain monitoring function will continuously analyze any hostile attacks. It also checks your site against the top OWASP vulnerability tests, allows you to integrate security scans with popular dev tools such as Slack, Zapier and Jira, and exports the results of all vulnerabilities found as a summary or a full report.
When pushing your first scan, it starts by grabbing server information, then crawling, fingerprinting, and for later information analysis, finishes with exploitation tests and generates the scan results.
When completed, the results will be displayed in your user dashboard, showing you the severity of the vulnerabilities found in your apps, as shown below:
You’ll see a complete list of security warnings and critical errors found on your website, from mixed HTTP/HTTPS content, to HTTP header vulnerable configurations, old SSL/TLS protocols, and much more.
Last but not least, Detectify will analyze your website against the famous OWASP Top 10 vulnerabilities list and give you a final score, along with quick links that offer more information about how to fix each security-threatening issue:

3. Pentest Web Server Vulnerability Scanner
Pentest Web Server Vulnerability Scanner
is another great product developed by PenTest-Tools, a company known for its wide range of infosec tools that can scan your website against any kind of vulnerability.
Here, we tested the web server online vulnerability scanner with the 20 free credits they offer for guests users.
The results show you a risk rating summary, potential sensitive files found, remote command execution vulnerabilities, SQL injection stats, arbitrary file reads, outdated server software, server misconfigured services, server software and technologies found, as well as a robots.txt file and a full HTTP security header check.
This tool is particularly useful when you need to perform a few specific tests; in our case the 20 free credits were enough to run two scans from the same IP before suggesting their Pro plan for a full deep scan.

4. Qualys FreeScan

While Qualys is famous for their SSL test, most people don’t know they also offer a full vulnerability scanner that analyzes your websites for free. This service lets you perform 10 free scans of any URLs or IP addresses. The Qualys free scanner analyzes for the following issues:
  • OWASP web application auditing
  • Network-related vulnerabilities
  • Missing software patches
  • SCAP compliance
  • Hidden malware
  • SSL certificate vulnerabilities
The results will be filtered by security impact level, from high severity to low severity vulnerabilities. As shown below at right, you can also see the associated CVE information for each specific vulnerability found.
Placing high on our list, it’s one of the best vulnerability scanners around; however, the manual approval process doesn’t make it the right choice for those in a hurry.

5. Probe.ly

This may not be a well-known web vulnerability scanner but it’s highly capable. Probe.ly will scan your web apps to find security issues and vulnerabilities and give you suggestions on how to fix them.
Probe.ly can be used to perform OWASP Top 10 scans, as well as to check for PCI-DSS, ISO27001, HIPAA and GDPR compliance.
It includes an easy-to-use interface that helps you scan your site in seconds. Once completed, it sends you results over email, and displays the full information in your client area interface, letting you download the scan results in PDF and CSV format for further analysis.

6. ImmuniWeb
ImmuniWeb Security Test is a solid, reliable product that performs web application security and privacy checks, including publicly known vulnerabilities, outdated software running on the remote server, HTTP methods, HTTP headers (HSTS, X-Frame-Options, X-Powered-By, X-Content-Type-Options, X-XSS-Protection, CSP, Public-Key-Pins and more), blacklist checking, remote WAF detection, as well as cryptojacking campaign detection within Javascript files.
With a friendly web-based interface, the scan reports results within seconds and gives you a final security score, letting you know about all vulnerabilities found and whether you qualify as PCI DSS compliant.
The final report includes other interesting details such as port/protocol detection, SSL certificate information and full cookie security analysis.

7. Upguard
Upguard is an Australian cybersecurity company that provides several solutions to help online startups keep their systems secure and prevent web breaches.
Their vulnerability scanner is one of the fastest we’ve found so far. It’s also completely free, a budget-friendly way to check your website against more than 40 high severity security vulnerabilities and popular CVEs.
The platform will automatically scan your server, web apps and network, including but not limited to man in the middle attacks, cross-site attacks, fraudulent email attacks, domain hijacking attacks, malware infections, open ports and unauthenticated DNS records.
Once completed, the scanner will show you a summary of the company behind the domain name (cloudflare.com in our tests), their cybersecurity rating, as well as the full description of each vulnerability found on your domain name and web apps.

8. Web Cookies Scanner
Web Cookies Scanner is an all-in-one website vulnerability scanning tool that bases its tests in analyzing HTTP cookies, technologies involved (Flash, HTML5 localStorage, sessionStorage, CANVAS, Supercookies, Evercookies) and HTTP sessions, and also includes HTML, SSL/TLS vulnerability scanning features.
The scan analyzes three different types of cookies, such as third-party domain cookies, persistent cookies and session cookies.
The HTTP header scan shows how secure your website is when it comes to HTTP header hardening and security, as you see in the following example (from our scan of mozilla.org):

9. Tinfoil Security Scanner
Tinfoil Security Scanner is another great vulnerability-finding solution. This free scan gives you access to a trial period during which you can scan your website for vulnerabilities against a wide range of security holes, top CVE’s and fingerprints.
While their scan runs a bit more slowly than the others, it’s deep, thorough and lets you spot the hidden vulnerabilities in your code, server and network.
When finished, it shows you the results as in the following screenshot:

10. Sucuri
While Sucuri SiteCheck became famous as a Malware scanner, it also performs a few vulnerability scanning tasks too.
The full report shows you malware scanning results, blacklisting checks and firewall website status from third-party services like Google Safe Browsing, Norton Safe Web, McAfee, PhishTank and Spamhaus.
It will also analyze your website’s code to check for server errors, spamming and any malicious code injected into your HTML, CSS and Javascript files.
It can also reveal critical system information such as IP addresses (ipv4 and ipv6), web server and application server signatures.

11. ScanMyServer
ScanMyServer is a free tool that searches for common vulnerabilities and security holes and can perform a variety of PHP code injection tests, HTTP header injection tests, Cross Site Scripting attacks, SQL and Blind SQL injection.
To test this service, you must first place an HTML badge in your website. Once ScanMyServer detects the code on your website, the results should be emailed to you within the next 2 hours.
This test performs a thorough scanning and reports the results showing risk solution recommendations. The account also enables you to perform weekly scans of one domain for free.

12. HackerTarget WP Scan

While this isn’t a generic online vulnerability scanner, it works perfectly for those who’ve built their web page using WordPress CMS.
HackerTarget offers a free WordPress security scanner which can be of great use after your initial WordPress set up, to detect and harden weaknesses of your blog or e-commerce or corporate website using this CMS.
Security checks include WordPress core application security, installed plugins and themes as well as web server software and hosting configuration.
The first test is free and performs a simple security scan against the raw HTML code of the blog you’ve entered. The second scan goes deep, enumerating plugins and themes and performing a massive WordPress audit by using Nmap NSE scripts, Nikto, OpenVAS and other popular vulnerability scanners.
The free scan will detect the version of WordPress Core installation, discover plugins in the HTML raw data, identify the active WordPress theme, perform a user enumeration, list all iframes and javascript files, check if directory index is enabled, as well as check for Google Safe Browsing reputation, Spamhaus and other blacklisting block lists.

13. Vulners Web Scanner
Vulners Web Scanner is not a web-based scanner, but a browser extension available for Google Chrome and Firefox. It works on any web page by analyzing the current names and versions of any software running on the HTML response, from the web server to javascript libraries, frameworks, etc.
Once you hit the Scan button, it begins searching and will show you the results in a single window, with all details about the software found, including whether it’s up to date (safe), or if it’s related to any type of CVE or other publicly known vulnerabilities.
But it doesn’t end there. Vulners will also check every resource you are loading from external servers such as statistics software, remote fonts, javascript sources, etc.
It’s a simple tool that does its job: it finds vulnerable software versions on your website, but it should be never used as a definitive scanning tool, only as a quick and basic complement.

Using any of the listed online vulnerability scanning tools may help you identify and track any security vulnerabilities in your network, servers and web applications. To maximize effectiveness we suggest you run multiple tests with different tools and cross-check the results between all of them.
Once you’ve tested and found the best tools for you from this list, you can add automated scans to ensure you’ll get your daily or weekly report by email, allowing you to monitor results proactively. Most of the solutions reviewed here offer both scheduled scans and even API access to create built-in solutions with your own apps.
In the same way online vulnerability scanning tools help you detect possible network threats in your web apps and infrastructure, our cybersecurity API can be integrated with your own apps to get a deeper insight of what’s behind any domain name, DNS server and IP block.